General
Target: a06012876cea6d4e0f2aded8aa3f2bc90d31a808c64002fbddc052f9c2306a7f
Size: 472KB
Sample: 211021-1ajrtsagc8
MD5: b1ed59d8b5aa3dd544e3ec56e260b484
SHA1: 2d8217da42bde43d1eae04f7221ce51e1389e4b6
SHA256: a06012876cea6d4e0f2aded8aa3f2bc90d31a808c64002fbddc052f9c2306a7f
SHA512: de102e60fbeef3e0496616ce321e02b2178ac9dd4e7a868ab816c44131c8eee353c07be8ae5e0ce2868204894b8981cfad7b3532f298f9b1b21331ef71b686ed
Static task: static1
Behavioral task: behavioral1
Sample: a06012876cea6d4e0f2aded8aa3f2bc90d31a808c64002fbddc052f9c2306a7f.exe
Resource: win10-en-20210920
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.sgsabah.com
Port: 587
Username: [email protected]
Password: Newlife8
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext